Penetration Testing mailing list archives

Re: [PEN-TEST] Expand right under Win2K


From: "Edwards, David (JTD)" <Edwards.David2 () SAUGOV SA GOV AU>
Date: Wed, 10 Jan 2001 12:47:28 +1030

Hi,

-----Original Message-----
From: Paul Cardon [mailto:paul () MOQUIJO COM]
Sent: Wednesday, 10 January 2001 7:48 AM
To: PEN-TEST () SECURITYFOCUS COM
Subject: Re: [PEN-TEST] Expand right under Win2K

Charlie Rhodes wrote:

We have a win2k where we have access to a cmd.exe with the rights of the
web-server and we would like to obtain administrator rights. Also we
don't have the rights to read the SAM files.
We tried the well-known methods under win NT 4.0 (like breaknt.exe,
read from raw device) in vain.

    Do you have network (ftp) access?  or floppy access?
http://www.bo2k.com should do the trick.  You'll probably want to configure
the server part off the machine, then load it on.

This is the second time this question has been asked on the list and
almost everybody misunderstands the problem.  Let me restate it:

[snip 3 good ideas]

Add:

4) Install a Trojan to catch the admin's next login.  All_users
startup may be available, common mistyped stuff in cmd shells
(how many of us try to use ifconfig in a cmd shell :-), unprotected
batch files etc.

ciao
dave
---
Dave Edwards
Justice Technology Division
Ph: +61 8 82265426 || 0408 808355
mailto: edwards.david2 () saugov sa gov au
Snail : Justice Technology Division
        GPO Box 2048, Adelaide 5001
---
The information in this e-mail may be confidential and/or legally
privileged.  Use or disclosure by anyone other than the intended
recipient is prohibited and may be unlawful.  If you have received
this e-mail in error, please advise me immediately
---
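
Added example, not part of the original message: a defensive audit for the locations named in item 4 (the All Users startup folder, directories on the command search path, batch files), flagging ACL entries that give an untrusted account write access. It assumes ACL listings in the format printed by icacls; the sample listings, C:\Tools, C:\Scripts\nightly.bat and the trusted-principal set are constructed assumptions.

```python
import re

# icacls rights tokens that let a principal create, change or re-ACL files.
WRITE_TOKENS = {"F", "M", "W", "WD", "AD", "GA", "GW", "WDAC", "WO"}
# Assumption: only these principals may legitimately write to auto-run locations.
TRUSTED = {r"nt authority\system", r"builtin\administrators", "creator owner"}
ACE_RE = re.compile(r"^(?P<who>[^:(]+):(?P<flags>(?:\([^)]*\))+)$")

def risky_aces(path, icacls_text):
    """Return [(principal, rights)] for untrusted principals holding write access."""
    findings = []
    for i, line in enumerate(icacls_text.splitlines()):
        if i == 0 and line.startswith(path):
            line = line[len(path):]          # first ACE shares a line with the path
        m = ACE_RE.match(line.strip())
        if not m:
            continue                         # blank line or icacls status line
        tokens = set()
        for group in re.findall(r"\(([^)]*)\)", m["flags"]):
            tokens.update(t.strip() for t in group.split(","))
        hits = tokens & WRITE_TOKENS
        who = m["who"].strip()
        if hits and "DENY" not in tokens and who.lower() not in TRUSTED:
            findings.append((who, sorted(hits)))
    return findings

def audit(listings):
    """Map each path to its risky ACEs, omitting paths with none."""
    results = {p: risky_aces(p, text) for p, text in listings.items()}
    return {p: f for p, f in results.items() if f}

def listing(path, *aces):
    """Build constructed icacls-style output for the sample data."""
    return (path + " " + "\n    ".join(aces)
            + "\n\nSuccessfully processed 1 files; Failed processing 0 files\n")

STARTUP = r"C:\Documents and Settings\All Users\Start Menu\Programs\Startup"
TOOLS = r"C:\Tools"                   # constructed: a directory on PATH
BATCH = r"C:\Scripts\nightly.bat"     # constructed: a scheduled batch file
SAMPLE = {                            # constructed ACL listings
    STARTUP: listing(STARTUP, r"BUILTIN\Administrators:(OI)(CI)(F)",
                     r"NT AUTHORITY\SYSTEM:(OI)(CI)(F)", "Everyone:(OI)(CI)(M)"),
    TOOLS: listing(TOOLS, r"BUILTIN\Administrators:(OI)(CI)(F)",
                   r"BUILTIN\Users:(CI)(AD)", r"BUILTIN\Users:(OI)(CI)(RX)"),
    BATCH: listing(BATCH, r"BUILTIN\Administrators:(F)",
                   r"BUILTIN\Users:(RX)", "Everyone:(DENY)(W)"),
}

if __name__ == "__main__":
    for path, aces in audit(SAMPLE).items():
        print(path, aces)
```
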

